
Re: high-end firewall



Just go here and read this.

Since you have the rare opportunity to start from zero, stand on the shoulders 
of the giants who made such things manageable over possible.

http://www2.linuxjournal.com/lj-issues/issue89/4815.html

"
Feature

Taming the Wild Netfilter
"

The article has it all; even (b)leading edge examples!
("Sliding down the bleading edge of technology!" Firesign Theatre)

You can even/especially follow the "directions" AT HOME (guaranteeeeee, you 
do NOT embark on a "career breaker").

(linuxcentral.com will mail you a full/max distribution w/source!!! to set 
aside; ANY/EVERY/ALL Linux distributions @ ------ $1.50 !!!!! ------- 
EACH!!!! ALL source files in there TOO (templates; great, fast,max-efficient 
ones, for any/everything u could ever need/want to do? Like OBEY the LAW! 
while learning! "Trust and verity":RR. NO! That's "verify")!!! That's what I 
paid for 6/7 of them a year or so ago; YES! Darn near every one of them IS 
self installing; tho if you want to keep W98 etc. on HD & dual boot, better 
"call back", it's tricky to "Trivialize"/SECURE-CURRENT-HD-CONTENTS in that 
case; done it; many times; each/all worked w/max/TRUE 
current-data-secure-w/o-risk.  WHAT IF YOU OFFERED THAT!! TO YOUR 
"CLIENTS/CUSTOMERS"???? Generate; A TECH-V.P. OFFER? MOUNTING AND USING ALL 
WIN/DOS STUFF ONTO/WITHIN LINUX!!! YEAH.  Been there.  Done that.  Still doin 
it, too. The very few Dos/Win progs. that aren't "wine-ing" yet can bee stuck 
(sic) on some current/legacy box in the SEE(M)LESS (sic) dept-network YOU 
WILL provide.)

Regards,

Jim Cunningham

"
If I have seen far, it is because I have stood on the shoulders of giants.
"
(author: go look it up!  Now THAT would be "education"!!)

P.S.
Many are successfully using old 486s w/bios CD-boot to "pass<filter" LOTS of 
packets (scaling groups of these up is well documented from quite a while 
ago; since they were FREE OLD SURPLUS STUFF: I smell a HERO's opportunity 
here?   you "CORNER THE GARNERING OF ALL BOXES THAT ANY/EVERYBODY ELSE 
UPDATES/REPLACES; THROW'EM A FEW BUDGET-BUKS!!  bc. when that makes them able 
to afford upgrades;MAN, THEY LOVE YOU SOOOO MUCH!!  NEW P IIIs  ARE CHEAP, 
and just THE thing ;Celerons/AMDs;you can get new FAST ones@CHEAP$).  Old P 
IIIs should kick buts.  May be lots of RAM chips in other boxes to "brusque 
out" a chosen box, too (watch bus>chip(s) speed matching issues).  The CD 
auto RE-boot is SWELL! (you burn your own to reboot your exact FW environ, 
and distribs. of changes is trivialized in a secure manner; this is a BEST 
approach to most "distribution" CONTROL issues, IMHO; especially!!!, bc. you 
decide what they WROTE that you are responsible for their box 
auto-reboots-what: controlling! > if they put unauthorized stuff on their 
box=we don't compound THEIR error/insubordination)

P.P.S.

RE:

The above; all of it;

DO-ABLE!!! (did it)

"you might ask yourself...same as it ever was...and you might ask 
yourself...same as it ever was"
(Talking Heads)

sorta?

GoSee; "smoothwall" .org(?)!! their free (YES, THE 4 LETTER "F" WORD EVERYONE 
in business ownership/mgmnt. IS SO AFRAID OF)  dist. IS 
most-current-full/rich-SECURE-TO-THE-RECENT-MAX.! (as it's ONLY goal; excuse 
for existence; we need yet another commercialized dist. of linux!; like the 
world needs yet another G/L pkg. Doesn't it?)  I did find one typo in a 
kernel re-build/config srcfile, tho, that was trivial for me to fix; and yes 
I will/have (depending on when you read this) "busted on em".

It waaay! self installs/CONFIGURES-ITSELF-TO-WHATEVER-IS-"THERE" (SOME SIMPLE 
QUESTIONS RE: HOW MUCH REAL SOPHISTICATION ARE YOU READY FOR) on an old 486 
WITH-w/o CD/modem/nic/whatever; EASILY (as only disk partition!); on 
small/slow HDs even, w/LOW mem. even (it's trivial! to get it up! You TURN 
THE BOX ON!!!!  Imagine the re-boot CDs you could dist. from hereabouts). 
YET, you can LEARN security from this group, via their dist.'s 
"configuration" (ESPECIALLY what they chose to NOT put in it!; which they 
TELL)  When these guys dist./ship/install/DELIVER "netfilter": 1) that will 
be that, re: packet filtering 2) you can by then be ready to del.-the-goods 
for Corp./Career/Corp.-Careers-of-tame(sic)-members w/self-experience and 
self success, as a leader!  Waaaay COOOOL! Huh?  So what in the world would I 
do to top that????  Why you would (obviously!) be ready, by then, to get paid 
(way lots) to deploy postgresql and help retire the concept "legacy systemS", 
of course.

But what if we just have them all add a second HD, a FAST one, that "melds" 
w/current controller/whatever, and just give them a CD w/instructions to 
"Shutdown w/powerdown; put the "totally encrypted/hooked -to-our-team-ONLY" 
CD in; powerup;go kick but for the team guys"?  It could happen!


